﻿<cfsilent>
	<cfscript>
	
		jsonAdvice = getProperty("serviceFactory").getBean("jsonAdvice");
		sessionAdvice = getProperty("serviceFactory").getBean("sessionAdvice");
		datetimeAdvice = getProperty("serviceFactory").getBean("datetimeAdvice");
		
		sequenceTargetResponse = getProperty("serviceFactory").getBean("sequenceTargetResponse");
		
		targetId = event.getArg("TAG");
		answer = event.getArg("OPT");
		chooserId = event.getArg("SCC");
		
		secureTicket = event.getArg("ST");
		
		studentId = sessionAdvice.getAutherUserID();
		
		currentDateTime = datetimeAdvice.getCurrentDatetimeString();
		
		postSecure = false;

		/* 回执信息 */
		response = structNew();
		structInsert(response, "success", false, true);
		
		/* 首先做安全检查 */
		try {
			stringOrignal = decrypt(secureTicket, studentId, "PBEWithMD5AndDES", "Hex");
			stringTest = targetId & answer;
			
			if ( stringOrignal eq stringTest ) {
				postSecure = true;
			}
		}
		catch(any excpt) {
		}
		
		if ( postSecure ) {
			
			transaction {
				
				/**/
				sequenceTargetResponse.setChooseID( chooserId );
				sequenceTargetResponse.setTargetID( targetId );
				
				voteId = sequenceTargetResponse.getID();
				
				sql = "SELECT 1 FROM t_target_response WHERE vote_id = :voteId ";
				
				queryObj = new Query( datasource=application.dnsMaster );
				queryObj.addParam( name="voteId", value=voteId, cfsqltype="cf_sql_varchar" );
		
				rs_check = queryObj.execute( sql=sql ).getResult();
				
				
				if ( rs_check.recordCount ) {
					
					sql = "UPDATE t_target_response 
							SET 
								tag_id = :targetId, 
								scc_id = :chooserId, 
								stu_id = :studentId, 
								answer = :answer, 
								date_lastupdate = :currentDateTime 
							WHERE vote_id = :voteId ";
					
					queryObj = new Query( datasource=application.dnsMaster );
					queryObj.addParam( name="voteId", value=voteId, cfsqltype="cf_sql_varchar" );
					queryObj.addParam( name="targetId", value=targetId, cfsqltype="cf_sql_char" );
					queryObj.addParam( name="chooserId", value=chooserId, cfsqltype="cf_sql_varchar" );
					queryObj.addParam( name="studentId", value=studentId, cfsqltype="cf_sql_varchar" );
					queryObj.addParam( name="answer", value=answer, cfsqltype="cf_sql_integer" );
					queryObj.addParam( name="currentDateTime", value=currentDateTime, cfsqltype="cf_sql_char" );
		
					queryObj.execute( sql=sql );
					
				}
				else {
					
					sql = "INSERT INTO t_target_response 
							( vote_id, tag_id, scc_id, stu_id, answer, date_create, date_lastupdate, locked ) 
							VALUES 
							( :voteId, :targetId, :chooserId, :studentId, :answer, :currentDateTime, :currentDateTime, '0' ) ";
					
					queryObj = new Query( datasource=application.dnsMaster );
					queryObj.addParam( name="voteId", value=voteId, cfsqltype="cf_sql_varchar" );
					queryObj.addParam( name="targetId", value=targetId, cfsqltype="cf_sql_char" );
					queryObj.addParam( name="chooserId", value=chooserId, cfsqltype="cf_sql_varchar" );
					queryObj.addParam( name="studentId", value=studentId, cfsqltype="cf_sql_varchar" );
					queryObj.addParam( name="answer", value=answer, cfsqltype="cf_sql_integer" );
					queryObj.addParam( name="currentDateTime", value=currentDateTime, cfsqltype="cf_sql_char" );
		
					queryObj.execute( sql=sql );
					
				}
				
			}
			
			/* 统计已投票数量 */
			sql = "SELECT COUNT(*) vote_count FROM t_target_response WHERE scc_id = :chooserId ";
			
			queryObj = new Query( datasource=application.dnsMaster );
			queryObj.addParam( name="chooserId", value=chooserId, cfsqltype="cf_sql_varchar" );
		
			rs_count = queryObj.execute( sql=sql ).getResult();
			
			structInsert(response, "success", true, true);
			structInsert(response, "optDone", rs_count.vote_count, true);
			
		}
		else {
			structInsert(response, "reason", "参数错误", true);
		}

	</cfscript>
</cfsilent><cfoutput>#jsonAdvice.encode(data:response, stringNumbers:true)#</cfoutput>